package org.lora.webframework.security;

import java.io.IOException;
import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.ArrayList;
import java.util.List;

import javax.naming.Context;
import javax.naming.InitialContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.sql.DataSource;

import org.apache.log4j.Logger;
import org.lora.core.annotation.Service;
import org.lora.exception.WebSecurityException;
import org.lora.log4j.Log4jUtil;
import org.lora.mvc.security.entity.Principal;
import org.lora.mvc.security.entity.WebResource;
import org.lora.mvc.security.impl.AbsSercurityService;
import org.lora.util.ValidateUtil;

/**
 * <p>
 * 类名:MySecurityServiceImpl
 * </p>
 * 描述:安全验证实现<br>
 * 创建时间:2016年8月1日 下午1:31:23<br>
 * 
 * @author Bladnir@outlook.com<br>
 *         修改历史:<br>
 *         2016年8月1日 Bladnir 创建<br>
 */
@Service
public class MySecurityServiceImpl extends AbsSercurityService {

	private static final String LOGIN_URL = "/security/showLogin.do";

	private Logger bizLog = Log4jUtil.getBusinessLogger();

	/*
	 * 应用启动的时候调用此方法
	 * 
	 * @see org.lora.mvc.security.ISecurityService#initPrincipalPermission()
	 */
	@Override
	public void initPrincipalPermission() throws WebSecurityException {

	}

	/*
	 * 用户登录信息验证
	 * 
	 * @see
	 * org.lora.mvc.security.impl.AbsSercurityService#loginValidate(javax.servlet
	 * .http.HttpServletRequest, javax.servlet.http.HttpServletResponse,
	 * org.lora.mvc.security.entity.Principal)
	 */
	@Override
	protected Principal loginValidate(HttpServletRequest request, HttpServletResponse response, Principal principal) {

		String userName = request.getParameter("userName");
		String password = request.getParameter("password");

		// 1q2w3e4r
		if (ValidateUtil.isEqual(userName, "bladnir") && ValidateUtil.isEqual(password, "5416d7cd6ef195a0f7622a9c56b55e84")) {
			UserEntity user = new UserEntity();

			user.setId(userName);
			user.setLocalAddr(principal.getLocalAddr());
			user.setName(userName);

			bizLog.debug("user [" + userName + "] login success");
			return user;
		} else {
			bizLog.debug("user [" + userName + "] login fail");
			return null;
		}

	}

	/*
	 * 验证用户信息
	 * 
	 * @see
	 * org.lora.mvc.security.impl.AbsSercurityService#validateRequestHandle(
	 * javax.servlet.http.HttpServletRequest,
	 * javax.servlet.http.HttpServletResponse,
	 * org.lora.mvc.security.entity.Principal,
	 * org.lora.mvc.security.entity.WebResource)
	 */
	@Override
	protected boolean validateRequestHandle(HttpServletRequest request, HttpServletResponse response, Principal principal,
			WebResource webResource) {
		return true;
	}

	/*
	 * (non-Javadoc)
	 * 
	 * @see
	 * org.lora.mvc.security.impl.AbsSercurityService#validateFailHandle(javax
	 * .servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse,
	 * org.lora.mvc.security.entity.WebResource)
	 * 
	 * 验证权限失败
	 */
	@Override
	protected void validateFailHandle(HttpServletRequest request, HttpServletResponse response, WebResource webResource) {
		bizLog.debug("[" + webResource.getUrl() + "] validate fail");
		redirectToLoginPage(request, response, LOGIN_URL);
	}

	/*
	 * 登陆成功
	 * 
	 * @see
	 * org.lora.mvc.security.impl.AbsSercurityService#loginSuccessHandle(javax
	 * .servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
	 */
	@Override
	protected void loginSuccessHandle(HttpServletRequest request, HttpServletResponse response) {
		redirectToLoginPage(request, response, "/webframework/dashboard/showIndex.do");
	}

	/*
	 * 登陆失败
	 * 
	 * @see
	 * org.lora.mvc.security.impl.AbsSercurityService#loginFailHandle(javax.
	 * servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
	 */
	@Override
	protected void loginFailHandle(HttpServletRequest request, HttpServletResponse response) {
		redirectToLoginPage(request, response, LOGIN_URL);
	}

	/*
	 * 登出
	 * 
	 * @see
	 * org.lora.mvc.security.impl.AbsSercurityService#logoutHandle(javax.servlet
	 * .http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
	 */
	@Override
	protected void logoutHandle(HttpServletRequest request, HttpServletResponse response) {
		redirectToLoginPage(request, response, LOGIN_URL);
	}

	/**
	 * 跳转页面
	 * 
	 * @param request
	 * @param response
	 * @param webResource
	 */
	private void redirectToLoginPage(HttpServletRequest request, HttpServletResponse response, String url) {
		try {
			response.sendRedirect(request.getContextPath() + url);
		} catch (IOException e) {
			bizLog.error(e.getMessage(), e);
		}
	}

}
